1. Field
One or more aspects of embodiments according to the present invention relate to processing information of different classification levels, where Mandatory Access Control (MAC) is required to restrict data from exposure to unauthorized security domains, and more particularly to a system and method for processing data of different classification levels. MAC applies to information where each piece of information is associated with a classification level, and system users are not allowed to change the association of data with classification levels or the access policy of domains to classification levels. This is in contrast with Discretionary Access Control (DAC), where a user can change a user's authorization to access a piece of information. Examples of classifications and security domains are databases of different company departments (order processing, engineering, finance) or DoD classification levels (top-secret, secret, unclassified).
2. Description of Related Art
In systems processing information from different security domains, communication between components handling data in one domain and components handling data in a different domain may be controlled to avoid the transmission of data to where it may be accessible to persons who should not have access to it. Furthermore, it may be necessary to restrict data flow between domains to prevent the transfer of malicious code or covert channel information. In systems in which separate computers, for example, are used to keep the security domains separate, a component referred to as a “data diode” may be used in a communication link between the computers to allow data to flow only in one direction in order to enforce mandatory read or write access control. Approaches such as these are expensive and lack compactness (for use in systems using embedded hardware and software).
Thus, there is a need for an improved system and method of processing data of different classification levels.
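The MAC/DAC distinction and the one-way "data diode" link described above can be modeled in a few lines. This is an added illustration, not code from the patent; the class names, the numeric ordering of the levels, and the rule that a domain may read data at or below its own level are assumptions made for the example.

```python
from dataclasses import dataclass, FrozenInstanceError
from enum import IntEnum
from types import MappingProxyType

class Level(IntEnum):          # levels named in the text; the ordering is assumed
    UNCLASSIFIED = 0
    SECRET = 1
    TOP_SECRET = 2

@dataclass(frozen=True)        # MAC: the label is fixed, users cannot relabel data
class Record:
    name: str
    level: Level

class MacPolicy:
    """Domain clearances are set once by the system, not by its users."""
    def __init__(self, clearances):
        self.clearances = MappingProxyType(dict(clearances))  # read-only view

    def can_read(self, domain, record):
        # Assumed rule: a domain may read data at or below its own level.
        return self.clearances[domain] >= record.level

class DacAcl:
    """DAC contrast: anyone holding access may extend it to another user."""
    def __init__(self, owner):
        self.readers = {owner}

    def grant(self, actor, user):
        if actor not in self.readers:
            raise PermissionError(f"{actor} holds no access to grant")
        self.readers.add(user)

class DataDiode:
    """One-way link between two domains; the reverse path does not exist."""
    def __init__(self, src, dst):
        self.src, self.dst = src, dst

    def send(self, sender, receiver, record):
        if (sender, receiver) != (self.src, self.dst):
            raise PermissionError(f"diode blocks {sender} -> {receiver}")
        return record

def try_relabel(record, level):
    """Return True if relabelling succeeded (it must not under MAC)."""
    try:
        record.level = level
        return True
    except FrozenInstanceError:
        return False
```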